Bbrooks/new relic staging fix (#3916)

* Separating the creation of backend and frontend artifacts into distinct steps

* Fixing typos

* Adding build url stuff to preview and troubleshooting info to staging

* Making Prod user-data script more like Preview

* Trying to fix Preview Deploy

* Removed excess white space and clearning

.circleci/config.yml

@@ -566,6 +566,13 @@ jobs:
           root: ~/project
           paths:
             - web/dist
+      - run:
+          name: persist build URL to workspace
+          command: echo "https://${CIRCLE_BUILD_NUM}-${GH_REPO_ID}-gh.circle-artifacts.com/0" > build-url.txt
+      - persist_to_workspace:
+          root: ~/project
+          paths:
+            - ./build-url.txt                      
 
   # Lints the frontend code.
   frontend lint:
@@ -827,7 +834,7 @@ jobs:
                 --OKTA_CLIENT_ID "$PREVIEW_OKTA_CLIENT_ID" \
                 --OKTA_API_KEY "$PREVIEW_OKTA_API_KEY" \
                 --JWT_SECRET "$PREVIEW_JWT_SECRET" \
-                --MONGO_INITDB_ROOT_USERNAME "$REVIEW_MONGO_INITDB_ROOT_USERNAME" \
+                --MONGO_INITDB_ROOT_USERNAME "$PREVIEW_MONGO_INITDB_ROOT_USERNAME" \
                 --MONGO_INITDB_ROOT_PASSWORD "$PREVIEW_MONGO_INITDB_ROOT_PASSWORD" \
                 --MONGO_INITDB_DATABASE "$PREVIEW_MONGO_INITDB_DATABASE" \
                 --MONGO_DATABASE_USERNAME "$PREVIEW_MONGO_DATABASE_USERNAME" \

bin/preview-deploy/aws.user-data.sh

@@ -5,6 +5,8 @@ sudo yum install -y gcc-c++
 su ec2-user <<E_USER
 # The su block begins inside the root user's home directory.  Switch to the
 # ec2-user home directory.
+cd ~
+# Prepare the environment
 export OKTA_DOMAIN="__OKTA_DOMAIN__"
 export OKTA_SERVER_ID="__OKTA_SERVER_ID__"
 export OKTA_CLIENT_ID="__OKTA_CLIENT_ID__"
@@ -18,9 +20,10 @@ export MONGO_INITDB_ROOT_PASSWORD="__MONGO_INITDB_ROOT_PASSWORD__"
 export MONGO_INITDB_DATABASE="__MONGO_INITDB_DATABASE__"
 export MONGO_DATABASE_USERNAME="__MONGO_DATABASE_USERNAME__"
 export MONGO_DATABASE_PASSWORD="__MONGO_DATABASE_PASSWORD__"
-export DATABASE_URL="__DATABASE_URL"
+export DATABASE_URL="__DATABASE_URL__"
 sudo sh -c "echo license_key: '__NEW_RELIC_LICENSE_KEY__' >> /etc/newrelic-infra.yml"
-cd ~
+
+# Create app logs and directories
 mkdir -p /app/api/logs
 touch /app/api/logs/eAPD-API-error-0.log
 touch /app/api/logs/eAPD-API-out-0.log

bin/prod-deploy/aws.sh

@@ -116,6 +116,50 @@ function deployAPItoEC2() {
 function addBuildUrlToUserData() {
   sed -i'.backup' -e "s|__BUILDURL__|`echo $BUILD_URL`|g" aws.user-data.sh
 
+  sed -i'.backup' -e "s|__GIT_BRANCH__|\"`echo $BRANCH`\"|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__PBKDF2_ITERATIONS__|`echo $API_PBKDF2_ITERATIONS`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__OKTA_DOMAIN__|`echo $OKTA_DOMAIN`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__OKTA_API_KEY__|`echo $OKTA_API_KEY`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__OKTA_CLIENT_ID__|`echo $OKTA_CLIENT_ID`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__OKTA_SERVER_ID__|`echo $OKTA_SERVER_ID`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_INITDB_ROOT_USERNAME__|`echo $MONGO_INITDB_ROOT_USERNAME`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_INITDB_ROOT_PASSWORD__|`echo $MONGO_INITDB_ROOT_PASSWORD`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_INITDB_DATABASE__|`echo $MONGO_INITDB_DATABASE`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_DATABASE_USERNAME__|`echo $MONGO_DATABASE_USERNAME`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_DATABASE_PASSWORD__|`echo $MONGO_DATABASE_PASSWORD`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__JWT_SECRET__|`echo $JWT_SECRET`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_DATABASE__|`echo $MONGO_DATABASE`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_URL__|`echo $MONGO_URL`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_ADMIN_URL__|`echo $MONGO_ADMIN_URL`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__NEW_RELIC_LICENSE_KEY__|`echo $NEW_RELIC_LICENSE_KEY`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_INITDB_ROOT_USERNAME__|`echo $MONGO_INITDB_ROOT_USERNAME`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_INITDB_ROOT_PASSWORD__|`echo $MONGO_INITDB_ROOT_PASSWORD`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_INITDB_DATABASE__|`echo $MONGO_INITDB_DATABASE`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_DATABASE_USERNAME__|`echo $MONGO_DATABASE_USERNAME`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__MONGO_DATABASE_PASSWORD__|`echo $MONGO_DATABASE_PASSWORD`|g" aws.user-data.sh
+
+  sed -i'.backup' -e "s|__DATABASE_URL__|`echo $DATABASE_URL`|g" aws.user-data.sh
+
   rm aws.user-data.sh.backup
 }
 

bin/prod-deploy/aws.user-data.sh

@@ -11,6 +11,101 @@ chmod g+w /app
 # Oddly, EC2 images don't have git installed. Shruggy person.
 yum -y install git
 
+# Install New Relic Infrastructure Monitor
+curl -o /etc/yum.repos.d/newrelic-infra.repo https://download.newrelic.com/infrastructure_agent/linux/yum/el/7/x86_64/newrelic-infra.repo
+yum -q makecache -y --disablerepo='*' --enablerepo='newrelic-infra'
+yum install newrelic-infra -y
+
+# Become the default user. Everything between "<<E_USER" and "E_USER" will be
+# run in the context of this su command.
+su ec2-user <<E_USER
+# The su block begins inside the root user's home directory.  Switch to the
+# ec2-user home directory.
+cd ~
+
+# Add New Relic License Key to Infra Monitor config
+sudo sh -c "echo license_key: '__NEW_RELIC_LICENSE_KEY__' >> /etc/newrelic-infra.yml"
+
+# Setup the environment
+export OKTA_DOMAIN="__OKTA_DOMAIN__"
+export OKTA_SERVER_ID="__OKTA_SERVER_ID__"
+export OKTA_CLIENT_ID="__OKTA_CLIENT_ID__"
+export OKTA_API_KEY="__OKTA_API_KEY__"
+export JWT_SECRET="__JWT_SECRET__"
+export MONGO_DATABASE="__MONGO_DATABASE__"
+export MONGO_URL="__MONGO_URL__"
+export MONGO_ADMIN_URL="__MONGO_ADMIN_URL__"
+export MONGO_INITDB_ROOT_USERNAME="__MONGO_INITDB_ROOT_USERNAME__"
+export MONGO_INITDB_ROOT_PASSWORD="__MONGO_INITDB_ROOT_PASSWORD__"
+export MONGO_INITDB_DATABASE="__MONGO_INITDB_DATABASE__"
+export MONGO_DATABASE_USERNAME="__MONGO_DATABASE_USERNAME__"
+export MONGO_DATABASE_PASSWORD="__MONGO_DATABASE_PASSWORD__"
+export DATABASE_URL="__DATABASE_URL__"
+
+# Create application logs
+mkdir -p /app/api/logs
+touch /app/api/logs/eAPD-API-error-0.log
+touch /app/api/logs/eAPD-API-out-0.log
+touch /app/api/logs/Database-migration-error.log
+touch /app/api/logs/Database-migration-out.log
+touch /app/api/logs/Database-seeding-error.log
+touch /app/api/logs/Database-seeding-out.log
+touch /app/api/logs/cms-hitech-apd-api.logs
+
+# Install nvm.  Do it inside the ec2-user home directory so that user will have
+# access to it forever, just in case we need to get into the machine and
+# manually do some stuff to it.
+curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.2/install.sh | bash
+source ~/.bashrc
+
+# We're using Node 16, we care about minor/patch versions
+nvm install 16.13.2
+nvm alias default 16.13.2
+
+# Install pm2: https://www.npmjs.com/package/pm2
+# This is what'll manage running the API Node app. It'll keep it alive and make
+# sure it's running when the EC2 instance restarts.
+npm i -g pm2
+npm i -g yarn@1.22.17
+# Get the built API code
+###cd /app
+###echo __BUILDURL__ |tee /home/ec2-user/buildurl.txt
+###curl -o backend.zip -L __BUILDURL__ |tee /home/ec2-user/backenddownload.txt
+###unzip backend.zip
+### rm backend.zip
+git clone --single-branch -b main https://github.com/CMSgov/eAPD.git
+mv eAPD/api/* /app/api
+cd api
+yarn install --frozen-lockfile --production=true
+# There are some platform-dependent binaries that need to be rebuilt before
+# the knex CLI will work correctly.
+yarn rebuild knex
+npm i -g newrelic
+cp node_modules/newrelic/newrelic.js ./newrelic.js
+sed -i 's|My Application|eAPD API|g' newrelic.js
+sed -i 's|license key here|__NEW_RELIC_LICENSE_KEY__|g' newrelic.js
+sed -i "1 s|^|require('newrelic');\n|" main.js
+
+# pm2 wants an ecosystem file that describes the apps to run and sets any
+# environment variables they need.  The environment variables are sensitive,
+# so we won't put them here.  Instead, the CI/CD process should replace the
+# "ECOSYSTEM" placeholder below with a base64-encoded JSON string of an
+# ecosystem file.
+echo "__ECOSYSTEM__" | base64 --decode > ecosystem.config.js
+# Start it up
+pm2 start ecosystem.config.js
+E_USER
+
+# Restart New Relic Infrastructure Monitor
+systemctl enable newrelic-infra
+systemctl start newrelic-infra
+
+# Setup pm2 to start itself at machine launch, and save its current
+# configuration to be restored when it starts
+su - ec2-user -c '~/.bash_profile; sudo env PATH=$PATH:/home/ec2-user/.nvm/versions/node/v16.13.2/bin /home/ec2-user/.nvm/versions/node/v16.13.2/lib/node_modules/pm2/bin/pm2 startup systemd -u ec2-user --hp /home/ec2-user'
+su - ec2-user -c 'pm2 save'
+su - ec2-user -c 'pm2 restart "eAPD API"'
+
 #Install CloudWatch Agent
 wget https://s3.amazonaws.com/amazoncloudwatch-agent/redhat/amd64/latest/amazon-cloudwatch-agent.rpm
 
@@ -223,78 +318,3 @@ CWAPPLOGCONFIG
 /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a append-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/doc/var-opt.json
 
 /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a append-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/doc/app-logs.json
-
-# Install New Relic Infrastructure Monitor
-curl -o /etc/yum.repos.d/newrelic-infra.repo https://download.newrelic.com/infrastructure_agent/linux/yum/el/7/x86_64/newrelic-infra.repo
-yum -q makecache -y --disablerepo='*' --enablerepo='newrelic-infra'
-yum install newrelic-infra -y
-
-# Become the default user. Everything between "<<E_USER" and "E_USER" will be
-# run in the context of this su command.
-su ec2-user <<E_USER
-# The su block begins inside the root user's home directory.  Switch to the
-# ec2-user home directory.
-# Add New Relic License Key to Infra Monitor config
-sudo sh -c "echo license_key: '__NEW_RELIC_LICENSE_KEY__' >> /etc/newrelic-infra.yml"
-cd ~
-mkdir -p /app/api/logs
-touch /app/api/logs/eAPD-API-error-0.log
-touch /app/api/logs/eAPD-API-out-0.log
-touch /app/api/logs/Database-migration-error.log
-touch /app/api/logs/Database-migration-out.log
-touch /app/api/logs/Database-seeding-error.log
-touch /app/api/logs/Database-seeding-out.log
-touch /app/api/logs/cms-hitech-apd-api.logs
-
-# Install nvm.  Do it inside the ec2-user home directory so that user will have
-# access to it forever, just in case we need to get into the machine and
-# manually do some stuff to it.
-curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.2/install.sh | bash
-source ~/.bashrc
-
-# We're using Node 16, we care about minor/patch versions
-nvm install 16.13.2
-nvm alias default 16.13.2
-
-# Install pm2: https://www.npmjs.com/package/pm2
-# This is what'll manage running the API Node app. It'll keep it alive and make
-# sure it's running when the EC2 instance restarts.
-npm i -g pm2
-npm i -g yarn@1.22.17
-# Get the built API code
-cd /app
-echo __BUILDURL__
-curl -o backend.zip -L __BUILDURL__
-unzip backend.zip
-# rm backend.zip
-cd api
-yarn install --frozen-lockfile --production=true
-# There are some platform-dependent binaries that need to be rebuilt before
-# the knex CLI will work correctly.
-yarn rebuild knex
-
-npm i -g newrelic
-cp node_modules/newrelic/newrelic.js ./newrelic.js
-sed -i 's|My Application|eAPD API|g' newrelic.js
-sed -i 's|license key here|__NEW_RELIC_LICENSE_KEY__|g' newrelic.js
-sed -i "1 s|^|require('newrelic');\n|" main.js
-
-# pm2 wants an ecosystem file that describes the apps to run and sets any
-# environment variables they need.  The environment variables are sensitive,
-# so we won't put them here.  Instead, the CI/CD process should replace the
-# "ECOSYSTEM" placeholder below with a base64-encoded JSON string of an
-# ecosystem file.
-echo "__ECOSYSTEM__" | base64 --decode > ecosystem.config.js
-# Start it up
-pm2 start ecosystem.config.js
-E_USER
-
-# Restart New Relic Infrastructure Monitor
-systemctl enable newrelic-infra
-systemctl start newrelic-infra
-
-# Setup pm2 to start itself at machine launch, and save its current
-# configuration to be restored when it starts
-su - ec2-user -c '~/.bash_profile; sudo env PATH=$PATH:/home/ec2-user/.nvm/versions/node/v16.13.2/bin /home/ec2-user/.nvm/versions/node/v16.13.2/lib/node_modules/pm2/bin/pm2 startup systemd -u ec2-user --hp /home/ec2-user'
-su - ec2-user -c 'pm2 save'
-su - ec2-user -c 'pm2 restart "eAPD API"'